6.8

CVE-2014-4909

Exploit

EPSS 9.19%
Veröffentlicht 29.07.2014 14:55:07
Zuletzt bearbeitet 12.04.2025 10:46:40
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Integer overflow in the tr_bitfieldEnsureNthBitAlloced function in bitfield.c in Transmission before 2.84 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted peer message, which triggers an out-of-bounds write.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 19

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Canonical ≫ Ubuntu Linux Version12.04 Update- Editionlts

Canonical ≫ Ubuntu Linux Version13.10

Canonical ≫ Ubuntu Linux Version14.04 SwEditionlts

Fedoraproject ≫ Fedora Version20

Gentoo ≫ Linux

Transmissionbt ≫ Transmission Version <= 2.83

Transmissionbt ≫ Transmission Version0.1

Transmissionbt ≫ Transmission Version0.2

Transmissionbt ≫ Transmission Version0.3

Transmissionbt ≫ Transmission Version0.4

Transmissionbt ≫ Transmission Version0.5

Transmissionbt ≫ Transmission Version0.6

Transmissionbt ≫ Transmission Version0.6.1

Transmissionbt ≫ Transmission Version0.70

Transmissionbt ≫ Transmission Version0.71

Transmissionbt ≫ Transmission Version0.72

Transmissionbt ≫ Transmission Version0.80

Transmissionbt ≫ Transmission Version0.81

Transmissionbt ≫ Transmission Version0.82

Transmissionbt ≫ Transmission Version0.90

Transmissionbt ≫ Transmission Version0.91

Transmissionbt ≫ Transmission Version0.92

Transmissionbt ≫ Transmission Version0.93

Transmissionbt ≫ Transmission Version0.94

Transmissionbt ≫ Transmission Version0.95

Transmissionbt ≫ Transmission Version0.96

Transmissionbt ≫ Transmission Version1.00

Transmissionbt ≫ Transmission Version1.01

Transmissionbt ≫ Transmission Version1.02

Transmissionbt ≫ Transmission Version1.2

Transmissionbt ≫ Transmission Version1.03

Transmissionbt ≫ Transmission Version1.04

Transmissionbt ≫ Transmission Version1.05

Transmissionbt ≫ Transmission Version1.06

Transmissionbt ≫ Transmission Version1.10

Transmissionbt ≫ Transmission Version1.11

Transmissionbt ≫ Transmission Version1.20

Transmissionbt ≫ Transmission Version1.21

Transmissionbt ≫ Transmission Version1.22

Transmissionbt ≫ Transmission Version1.30

Transmissionbt ≫ Transmission Version1.31

Transmissionbt ≫ Transmission Version1.32

Transmissionbt ≫ Transmission Version1.33

Transmissionbt ≫ Transmission Version1.34

Transmissionbt ≫ Transmission Version1.40

Transmissionbt ≫ Transmission Version1.41

Transmissionbt ≫ Transmission Version1.42

Transmissionbt ≫ Transmission Version1.50

Transmissionbt ≫ Transmission Version1.51

Transmissionbt ≫ Transmission Version1.52

Transmissionbt ≫ Transmission Version1.53

Transmissionbt ≫ Transmission Version1.54

Transmissionbt ≫ Transmission Version1.60

Transmissionbt ≫ Transmission Version1.61

Transmissionbt ≫ Transmission Version1.70

Transmissionbt ≫ Transmission Version1.71

Transmissionbt ≫ Transmission Version1.72

Transmissionbt ≫ Transmission Version1.73

Transmissionbt ≫ Transmission Version1.74

Transmissionbt ≫ Transmission Version1.75

Transmissionbt ≫ Transmission Version1.76

Transmissionbt ≫ Transmission Version1.77

Transmissionbt ≫ Transmission Version1.80

Transmissionbt ≫ Transmission Version1.81

Transmissionbt ≫ Transmission Version1.82

Transmissionbt ≫ Transmission Version1.83

Transmissionbt ≫ Transmission Version1.90

Transmissionbt ≫ Transmission Version1.91

Transmissionbt ≫ Transmission Version1.92

Transmissionbt ≫ Transmission Version1.93

Transmissionbt ≫ Transmission Version2.00

Transmissionbt ≫ Transmission Version2.01

Transmissionbt ≫ Transmission Version2.02

Transmissionbt ≫ Transmission Version2.03

Transmissionbt ≫ Transmission Version2.04

Transmissionbt ≫ Transmission Version2.10

Transmissionbt ≫ Transmission Version2.11

Transmissionbt ≫ Transmission Version2.12

Transmissionbt ≫ Transmission Version2.13

Transmissionbt ≫ Transmission Version2.20

Transmissionbt ≫ Transmission Version2.21

Transmissionbt ≫ Transmission Version2.22

Transmissionbt ≫ Transmission Version2.30

Transmissionbt ≫ Transmission Version2.31

Transmissionbt ≫ Transmission Version2.32

Transmissionbt ≫ Transmission Version2.33

Transmissionbt ≫ Transmission Version2.40

Transmissionbt ≫ Transmission Version2.41

Transmissionbt ≫ Transmission Version2.42

Transmissionbt ≫ Transmission Version2.50

Transmissionbt ≫ Transmission Version2.51

Transmissionbt ≫ Transmission Version2.52

Transmissionbt ≫ Transmission Version2.60

Transmissionbt ≫ Transmission Version2.61

Transmissionbt ≫ Transmission Version2.70

Transmissionbt ≫ Transmission Version2.71

Transmissionbt ≫ Transmission Version2.72

Transmissionbt ≫ Transmission Version2.73

Transmissionbt ≫ Transmission Version2.74

Transmissionbt ≫ Transmission Version2.75

Transmissionbt ≫ Transmission Version2.76

Transmissionbt ≫ Transmission Version2.77

Transmissionbt ≫ Transmission Version2.80

Transmissionbt ≫ Transmission Version2.81

Transmissionbt ≫ Transmission Version2.82

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	9.19%	0.919

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.8	8.6	6.4	AV:N/AC:M/Au:N/C:P/I:P/A:P

http://inertiawar.com/submission.go

Exploit

http://lists.fedoraproject.org/pipermail/package-announce/2014-July/135539.html

http://lists.opensuse.org/opensuse-updates/2014-08/msg00011.html

http://secunia.com/advisories/59897

http://secunia.com/advisories/60108

http://secunia.com/advisories/60527

http://www.debian.org/security/2014/dsa-2988

http://www.openwall.com/lists/oss-security/2014/07/10/4

http://www.openwall.com/lists/oss-security/2014/07/11/5

http://www.osvdb.org/108997

http://www.securityfocus.com/bid/68487

http://www.ubuntu.com/usn/USN-2279-1

https://bugs.gentoo.org/show_bug.cgi?id=516822

https://bugzilla.redhat.com/show_bug.cgi?id=1118290

https://trac.transmissionbt.com/wiki/Changes#version-2.84

Vendor Advisory

https://twitter.com/benhawkes/statuses/484378151959539712

https://nvd.nist.gov/vuln/detail/CVE-2014-4909

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2014-4909

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2014-4909

EUVD